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AMENDMENTS TO THE CLAIMS 

The listing of claims replaces all prior versions and listings of claims. Only those claims 
being amended herein show their changes in highlighted form, where insertions appear as 
underlined text (e.g., insertions ) while deletions appear as strikethrough text or brackets (e.g., 
d ele tions or [[deletions]]). Accordingly, please amend Claims 1-5 and 10-12, cancel Claims 6-9 
without prejudice or disclaimer, and add new Claims 13-20 as follows: 

1. (Currently Amended) A [[An]] apparatus for a baseline authentication agency 
for determining i n a g l obal n e twork th e us e r a user's login status as the user accesses a gees 
from s i t e to site within a said network, said apparatus comprising: 

a database storing information about partner sites that have been linked by a 

user: 

a s e t of baseline authentication ag e nci e s agency server responsible for core 
global network authentication services configured: 

to receive a reguest from a user's browser, the reguest comprising: 
a site identification identifying a site: and 

a cookie related to the user and including a reference to the 
baseline authentication agency; 
to determine whether the cookie is valid: 

to determine whether the user has authorized seamless login for the site 
using the information from the database: and 

to generate a login ticket for the site and send the login ticket to the 
user's browser if the cookie is valid and the user has authorized seamless login 
for the site : 

wherein the cookie is stored on a global network domain and a ssoc i at e d DNS 
r e cords used for cookie sharing[[,]] login routing, and th e li k e ; and the site is one of a 
collection of partner sites with access to cookies shared on the v i a said global network 
domain. 

2. (Currently Amended) The apparatus of Claim 1, wherein the [[a]] baseline 
authentication agency of sa i d s e t of bas eli n e auth e nt i cation ag e nc ie s: provides authentication 
services for a subset of [[the]] users of the global network domain, the baseline authentication 
agency server further configured to: 

after authenticating the [[a]] user, write the wr i t e s a site identification along with an 
authenticated status of true into the [[a]] cookie of the user stored on the [[said]] global network 
domain and shared and accessible by [[said]] the collection of partner sites; and after [f whenll 
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the a g l obal n e twork user logs out of said global network domain , reset [[resets]] the user's 
authenticated status to false in the [[said]] shar e d domain cookie. 

3. (Currently Amended) The apparatus of Claim 1 [[2]], wherein the baseline 
authentication agency server is further compr i s i ng configured to: 

receive the ticket from the site; 
determine whether the ticket is valid; and 

if the ticket is valid, send user identification information to the site, the user 
identification information to be used by the site to login the user- 
m e ans for when an auth e nt i cat e d globa l n e twork us e r using a brows e r v i s i ts a partn e r 

sit e of said co lle ction of partn e r sit e s, sa i d partner sit e acc e ss i ng sa i d shar e d domain cook ie to 

d e t e rm i n e th e us e r's bas eli n e auth e ntication ag e ncy; 

m e ans for said partn e r s i t e r e d i r e cting sa i d — us e r's brows e r to sa i d — bas eli n e 

auth e nt i cat i on a g e ncy to r e qu e st g l ob al n e two r k i d informational of th e us er; 

wh e r ei n sa i d bas eli n e auth e nt i cat i on ag e ncy d i st i ngu i sh e s b e tw ee n s i t e s that hav e b ee n 

link e d and that hav e a trust r el ationship with th e us e r and on e s that hav e not b ee n li nk e d; and 
m e ans for said bas eli n e auth e ntication ag e ncy r e turn i ng sa i d g l oba l n e twork id 

informational of th e us e r to said partn e r s i te i f it' s a link e d sit e , th e r e by p e rform i ng a s e am le ss 

auth e nt i cat i on, and i f said sit e i s not link e d, said bas eli n e auth e nt i cation ag e ncy r e turn i ng an 

auth e nt i cat i on e rror ind i cat i on. 

4. (Currently Amended) The apparatus of Claim 1 [[2]], wherein the baseline 
authentication agency server is further comprising configured to: 

send a message to the user's browser that indicates that no ticket is available if the 
cookie is not valid or if the user has not authorized seamless login for the site. 

m e ans for wh e n an unauth e nt i cat e d global n e twork us e r v i sits a g l obal partn e r sit e , sa i d 
globa l n e twork partner sit e att e mpt i ng to acc e ss sa i d sh a r e d domain cook ie and ei th e r not 
finding said cooki e at a l l , or d e t e rm i n i ng that s ai d auth e nt i c a t e d status i s fals e ; and 

wh e r ei n i n ei th e r cas e , said g l obal network partn e r sit e d e t e rmin i ng that a us e r is not 
auth e nt i cat e d i nto th e g l oba l n e twork a nd thus not a ll ow i ng a cc e ss for said us e r. 

5. (Currently Amended) The apparatus of Claim 1 [[2]], wherein the baseline 
authentication agency server further comprising comprises : 

a globally unique identifier for each global network user account, wherein said 
globally unique identifier is a primary key with which the database is globa l n e twork us e r 
dat a r e cords ar e indexed , a nd wh e r ei n for privacy r e asons, on l y said g l oba ll y uniqu e 
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id e ntif ie r and 



of an associat e d bas eli ne auth e nticat i ng ag e ncy 
i a us e r opts -i n to distr i buting said g l obal n e twork l< 



shar e d with 



th i rd party s i t e s un le ss 



login id . 



6. (Cancelled) 

7. (Cancelled) 

8. (Cancelled) 

9. (Cancelled) 

10. (Currently Amended) A computer-implemented method for a baseline 
authentication agency that determines a user's login permission for a site, us e r on a g l obal 
n e twork us i ng a brows e r visit i ng a partn e r W e b sit e , wh e r ei n said partn e r W e b sit e is a l ink e d 



comprising th e st e ps of : 

receiving a reguest from a user's browser, the reguest comprising a site identifier 
related to a site, and a set of user information related to a user and including a 
reference designating the baseline authentication agency; 

determining whether the set of user information is valid; 
if the set of user information is valid, 

determining whether the user has authorized seamless login for the site; 

and 

generating a login ticket for the site and sending the login ticket to the 
user's browser if the user has authorized seamless login for the site; 

said us e r s ele ct i ng sa i d partn e r W e b site and sa i d brows e r r e qu e sting a hom e pag e of 
said partn e r W e b sit e , wh e r e in said hom e pag e of s ai d partn e r W e b s i t e compris e s a 
JavaScript tag t e lling said brows e r to f e tch a partn e r s i t e s e rv e d JavaScr i pt f ile from s a id 
partn e r sit e s e rv e r, as w el l as f e tch oth e r r ele vant JavaScr i pt cod e ; 

sa i d partn e r W e b s i t e s e rv e r obtains a n e twork l og i n status cookie on a g l obal n e twork 
domain, th e r e by d e t e rmin i ng sa i d us e r's global n e twork log i n status and BAA; 

sa i d partn e r W e b sit e using a BAA id from sa i d n e twork l ogin status cook ie for 
formu l at i ng a URL to a l ogin tok e n - g e n e rat i on serv i c e of said associat e d auth e nt i cation ag e ncy 
doma i n, and r e turning an HTTP r e dir e ct to said URL; 

sa i d brows e r f e tching sa i d URL, and passing a g l oba l n e twork sit o i d of sa i d partn e r 

said associated auth e nt i cat i on ag e ncy domain r e c ei ving sa i d tok e n g e n e ration r e qu e st 
inc l uding sa i d s i t o id, as w e ll as any corr e sponding us e r g l oba l n e twork cr e d e ntia l cook io 
pr e vious l y s e nt to th e brows e r; 




)a l n e twork sit e , dur i ng an ongo i ng 



>ion, said the method 
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sa i d partn e r W e b sit e 's hom e pag e compr i s i ng a particu l ar JavaScr i pt cod e and us i ng 
said particular JavaScr i pt cod e for d e t e rm i ning a JavaScr i pt login - tok e n v a r i ab le has a valu e , 
wh e r e in if said l og i n - tok e n var i abl e has said va l u e , th e n s ai d proc ee ds with a s e am le ss g l obal 
n e twork log i n proc e ss i ng; 

sa i d partn e r W e b s i t e r e qu e st i ng mapp i ng of sa i d l og i n - tok e n var i abl e to an us e r globa l 

said g l oba l n e twork s e rv e r d e crypting sa i d log i n - tok e n var i ab le and p e rforming v al idation 
ch e cks on sa i d l og i n tok e n var i ab le , sa i d ch e cks compr i s i ng, but not l im i t e d to: not e xp i r e d and 
i f an a ssoc i at e d I P of said r e qu e st i ng partn e r W e b sit e i s i n an a ll ow e d li st, and if sa i d va l idat i on 
ch e cks pass, th e n sa i d g l oba l n e twork s e rv e r return i ng said g l oba l n e twork account numb e r to 
said partn e r W e b s i t e ; and 

sa i d partn e r W e b s i t e mapp i ng said us e r's g l obal n e twork account numb e r to a 
corr e sponding partn e r W e b s i t e r e cord, l ogging us e r in, s e tt i ng cook ie s of sa i d partn e r W e b 
s i t e , and r e turn i ng a p e rsonal i z e d w el com e pag e . 

1 1 . (Currently Amended) The method of Claim [[of]] 1 0 further comprising th e st e ps 

of: 

sa i d associat e d auth en tication ag e ncy doma i n checking if the site [[id]] identifier is 
known or valid , if said u se r's cr e d e ntia l s ar e va li d, and i f th e us e r has authoriz e d s e am le ss l og i n 
to sa i d partn e r W e b s i t e. 

12. (Currently Amended) The method of Claim [[of]] 10, sa i d s e am le ss g l obal 
n e twork log i n proc e ss i ng further comprising th e st e ps of : 

generating [[said]] JavaScript code writing out an HTML form comprising the sa i d g l oba l 
n e twork login tok e n ticket as a hidden field and writing out a partner Web site global network 
login handler as an action URL, and auto-submitting said form such that the said browser posts 
the said-form to a [[said]] partner Web site global network login handler URL on the said 
partner [[Web]] site. 

13. (New) The method of Claim 10, wherein the set of user information is a cookie. 

14. (New) The method of Claim 10, wherein the site is one of a collection of partner 

sites. 

15. (New) The method of Claim 10, wherein generating the login ticket for the site 
comprises generating JavaScript code that stores the login ticket. 

16. (New) The method of Claim 15, wherein sending the login ticket for the site 
comprises sending the JavaScript code. 

1 7. (New) The method of Claim 1 0.further comprising 
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if the set of user information is valid, 

receiving the ticket from the site; 
determining whether the ticket is valid; and 

if the ticket is valid, sending user identification information to the site, the 
user identification information to be used by the site to login the user. 

18. (New) A storage medium having a computer program stored thereon for causing 
a suitably programmed system to process computer-program code by performing the method of 
Claim 10 when such program is executed on the system. 

19. (New) A baseline authentication agency configured to determine a user's login 
permission for a site, the baseline authentication agency comprising: 

a list of partner sites that have been linked by a user; 
a baseline authentication agency server configured to: 

receive a request from a user's browser, the request comprising a site 
identifier related to a site, and a set of user information related to a user and 
referencing the baseline authentication agency; 

determine whether the set of user information is valid; 

determine whether the user has authorized seamless login for the site; 

and 

if the set of user information is valid and the user has authorized 
seamless login for the site, 

generate a login ticket for the site; 

send the login ticket to the user's browser. 

20. (New) The baseline authentication agency of Claim 19, wherein the baseline 
authentication agency server is further configured to: 

receive the ticket from the site; 
determine whether the ticket is valid; and 

if the ticket is valid, send user identification information to the site, the user 
identification information to be used by the site to login the user. 
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